Route Origin Authorization
$ rpki-client -vvf rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32322e302f32342d3234203d3e20383334.roa
File: 34332e3235322e32322e302f32342d3234203d3e20383334.roa (raw, json)
Hash identifier: okxwx+q6M7FtPB4skkGC+dlfaZRFcopYyaYY2mQyBYY=
Subject key identifier: 96:AD:EE:60:10:A2:DA:6C:C6:98:CA:72:12:DB:35:CE:DA:89:AB:DD
Certificate issuer: /CN=A91DD5100000/serialNumber=5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B
Certificate serial: 3A52B7933ED113480210D24301D20DD6CC1233EA
Authority key identifier: 5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject info access: rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32322e302f32342d3234203d3e20383334.roa
Signing time: Wed 18 Dec 2024 06:10:49 +0000
ROA not before: Wed 18 Dec 2024 06:05:49 +0000
ROA not after: Wed 17 Dec 2025 06:10:49 +0000
asID: 834
IP address blocks: 43.252.22.0/24 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:52:b7:93:3e:d1:13:48:02:10:d2:43:01:d2:0d:d6:cc:12:33:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91DD5100000
Validity
Not Before: Dec 18 06:05:49 2024 GMT
Not After : Dec 17 06:10:49 2025 GMT
Subject: CN=96ADEE6010A2DA6CC698CA7212DB35CEDA89ABDD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b3:b5:f1:aa:0b:e2:6e:27:20:96:3b:ed:31:
19:62:5e:e9:56:6c:06:05:e9:a2:bd:14:18:bd:c1:
cf:55:e7:46:da:17:60:cc:88:df:c3:60:aa:62:ea:
94:1e:3e:94:f5:c1:c4:6c:ce:1d:32:b7:2e:8b:3c:
f0:db:45:a0:6e:06:14:63:61:b8:4d:c8:8e:91:0c:
84:d1:85:6b:87:cd:6f:07:a8:fa:b3:0b:7d:4c:0f:
22:c2:a7:85:d9:e0:95:e7:34:b8:17:0b:70:45:54:
1c:b2:6b:f3:5b:00:a0:ad:6b:4b:60:0c:36:7b:72:
0d:ac:03:e1:cc:46:e9:1b:e5:42:be:ec:f3:1b:fd:
dd:ea:3a:49:bd:28:1d:79:64:bf:d5:26:67:83:80:
5f:7c:64:11:f1:ab:53:7d:c8:ad:f3:a6:f2:17:56:
d0:0b:d5:1c:54:26:a9:2c:59:7b:35:d9:0e:7b:31:
45:21:1b:59:7a:db:fe:42:a7:7b:7b:be:c3:c7:7a:
ad:78:0c:d6:52:38:6e:ea:8a:3c:04:8c:e0:0f:69:
4e:07:d2:10:35:ba:2a:33:a0:b8:a7:07:72:bd:15:
8c:af:3b:c5:d9:f9:d7:83:42:03:fe:e5:07:98:a0:
89:69:11:77:08:80:84:3c:7e:db:77:ac:c3:a6:7c:
03:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AD:EE:60:10:A2:DA:6C:C6:98:CA:72:12:DB:35:CE:DA:89:AB:DD
X509v3 Authority Key Identifier:
keyid:5D:70:7B:0D:35:69:62:24:32:B4:BD:CB:FD:32:0F:9A:8B:6D:DC:7B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/5D707B0D3569622432B4BDCBFD320F9A8B6DDC7B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XXB7DTVpYiQytL3L_TIPmott3Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.sub.apnic.net/repository/A91DD5100000/0/34332e3235322e32322e302f32342d3234203d3e20383334.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.252.22.0/24
Signature Algorithm: sha256WithRSAEncryption
32:a3:4d:5c:1b:0f:57:14:07:55:ab:0d:f1:72:3e:8f:c5:47:
60:2e:d8:a8:87:00:cf:fd:ef:d6:75:7b:e3:bc:01:32:59:6a:
04:84:3c:65:dc:13:b6:b1:be:5a:9a:5e:a6:d6:fa:a9:c7:83:
a3:ce:b3:f8:f0:46:2c:18:b7:30:ab:eb:8f:75:8b:45:9c:34:
71:97:86:5f:c3:eb:23:28:48:24:66:b9:0c:cc:a0:cc:32:a2:
8e:18:42:a4:9d:0c:8a:d7:f8:34:ff:29:c4:8f:88:7a:ba:35:
bd:7a:79:1c:bc:3a:31:45:5d:0a:a2:f5:c4:e4:b1:07:7a:16:
32:c8:c8:fb:1b:06:1a:79:8e:fc:1d:29:d7:e4:a7:65:35:de:
65:a5:a3:45:85:c4:be:84:e7:1d:e4:8d:c7:e4:c7:47:ed:c8:
de:bc:8d:60:f6:97:73:6b:38:9c:ab:3f:61:25:5a:c9:17:8e:
1a:9f:b5:ad:20:fd:34:3c:74:97:b3:c5:e2:15:f1:91:f5:b3:
5b:a5:e4:db:21:3f:7d:fa:eb:77:4a:b3:c9:df:e1:5c:9b:4c:
fa:22:11:35:89:e1:77:ce:38:ed:81:5c:93:02:47:15:11:1c:
14:c0:75:39:2c:13:ed:90:8c:03:0b:cf:d4:ce:72:50:6e:5e:
1f:be:21:07
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUOlK3kz7RE0gCENJDAdIN1swSM+owDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxREQ1MTAwMDAwMTEwLwYDVQQFEyg1RDcwN0IwRDM1
Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCMB4XDTI0MTIxODA2MDU0OVoX
DTI1MTIxNzA2MTA0OVowMzExMC8GA1UEAxMoOTZBREVFNjAxMEEyREE2Q0M2OThD
QTcyMTJEQjM1Q0VEQTg5QUJERDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOztfGqC+JuJyCWO+0xGWJe6VZsBgXpor0UGL3Bz1XnRtoXYMyI38NgqmLq
lB4+lPXBxGzOHTK3Los88NtFoG4GFGNhuE3IjpEMhNGFa4fNbweo+rMLfUwPIsKn
hdnglec0uBcLcEVUHLJr81sAoK1rS2AMNntyDawD4cxG6RvlQr7s8xv93eo6Sb0o
HXlkv9UmZ4OAX3xkEfGrU33IrfOm8hdW0AvVHFQmqSxZezXZDnsxRSEbWXrb/kKn
e3u+w8d6rXgM1lI4buqKPASM4A9pTgfSEDW6KjOguKcHcr0VjK87xdn514NCA/7l
B5igiWkRdwiAhDx+23esw6Z8A0kCAwEAAaOCAgswggIHMB0GA1UdDgQWBBSWre5g
EKLabMaYynIS2zXO2omr3TAfBgNVHSMEGDAWgBRdcHsNNWliJDK0vcv9Mg+ai23c
ezAOBgNVHQ8BAf8EBAMCB4AwcgYDVR0fBGswaTBnoGWgY4ZhcnN5bmM6Ly9ycGtp
LnN1Yi5hcG5pYy5uZXQvcmVwb3NpdG9yeS9BOTFERDUxMDAwMDAvMC81RDcwN0Iw
RDM1Njk2MjI0MzJCNEJEQ0JGRDMyMEY5QThCNkREQzdCLmNybDB+BggrBgEFBQcB
AQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVwb3Np
dG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9YWEI3RFRWcFlp
UXl0TDNMX1RJUG1vdHQzSHMuY2VyMIGFBggrBgEFBQcBCwR5MHcwdQYIKwYBBQUH
MAuGaXJzeW5jOi8vcnBraS5zdWIuYXBuaWMubmV0L3JlcG9zaXRvcnkvQTkxREQ1
MTAwMDAwLzAvMzQzMzJlMzIzNTMyMmUzMjMyMmUzMDJmMzIzNDJkMzIzNDIwM2Qz
ZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUF
BwEHAQH/BBAwDjAMBAIAATAGAwQAK/wWMA0GCSqGSIb3DQEBCwUAA4IBAQAyo01c
Gw9XFAdVqw3xcj6PxUdgLtiohwDP/e/WdXvjvAEyWWoEhDxl3BO2sb5aml6m1vqp
x4OjzrP48EYsGLcwq+uPdYtFnDRxl4Zfw+sjKEgkZrkMzKDMMqKOGEKknQyK1/g0
/ynEj4h6ujW9enkcvDoxRV0KovXE5LEHehYyyMj7GwYaeY78HSnX5KdlNd5lpaNF
hcS+hOcd5I3H5MdH7cjevI1g9pdzazicqz9hJVrJF44an7WtIP00PHSXs8XiFfGR
9bNbpeTbIT99+ut3SrPJ3+Fcm0z6IhE1ieF3zjjtgVyTAkcVERwUwHU5LBPtkIwD
C8/UznJQbl4fviEH
-----END CERTIFICATE-----
Generated at Sat Apr 5 00:52:45 2025 by rpki-client